Assistance in the Protection from Un-
authorized Access
UM Basic Configuration L3P
Release
7.1
12/2011
6.8
Access Control Lists (ACL)
113
VLAN ID
VLAN priority (COS)
Secondary VLAN ID
Secondary VLAN priority
Note: If you are using MAC ACLs at ports which are located in the HIPER-
Ring or which participate in the Ring/network coupling, you add the following
rule to the ACLs:
PERMIT
Source MAC: ANY
Destination MAC: 00:80:63:00:00:00
Destination MAC mask: 01:00:00:ff:ff:ff
CLI command in Config-mac-access mode:
permit any 00:80:63:00:00:00 01:00:00:ff:ff:ff
Note: If you are using MAC ACLs at ports located in the MRP-Ring, you add
the following rule to the ACLs:
PERMIT
Source MAC: ANY
Destination MAC: 01:15:4E:00:00:00
Destination MAC mask: 00:00:00:00:00:03
CLI command in the Config-mac-access mode:
permit any 01:15:4E:00:00:00 00:00:00:00:00:03
Note: MAC address masks in the rules of ACLs are inverse.
This means that if you want to mask a single MAC address, you select the
network mask 00:00:00:00:00:00.
If you want to mask MAC addresses in the range from 00:80:63:00:00:00 to
00:80:63:FF:FF:FF, you select the network mask 00:00:00:FF:FF:FF.
To Next Page
Loading...
Need help?
General
